Y
Hacker News
new
|
ask
|
show
|
jobs
by
tptacek
2479 days ago
Unlikely. TOTP, Duo Push, and SMS are all more popular that U2F/WebAuthn.
1 comments
eranation
2479 days ago
Yep. Those are still prone to phishing for a clever attacker and sleepy employee. For most users - that should be fine, but for the ones with the admin access to the nuclear reactor, U2F/FIDO2/WebAuthn probably worth the extra effort.
link